package com.lf.yapinmall.gateway.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsWebFilter;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
/**
 * spring gateway 配置跨域请求
 * 1、Access-Control-Allow-Credentials：跨域请求默认不包括cookie，设置为true包括cookie
 * 2、Access-Control-Allow-Methods：支持那些方法跨域
 * 3、Access-Control-Allow-Origin：支持那些来源的请求跨域
 * 4、Access-Control-Expose-Headers：跨域请求暴露的字段
 * 5、Access-Control-Max-Age：表明该响应的有效时间为多少秒。在有效事件内，浏览器无需为同一次请求再次发起跨域请求。
 *
 */
@Configuration
public class YapinCrosConfiguration {

    @Bean
    public CorsWebFilter corsWebFilter() {
        UrlBasedCorsConfigurationSource corsConfigurationSource = new UrlBasedCorsConfigurationSource();
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.addAllowedOrigin("*");
        corsConfiguration.addAllowedHeader("*");
        corsConfiguration.addAllowedMethod("*");
        corsConfiguration.setMaxAge(3600L);
        //所有请求
        corsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
        return new CorsWebFilter(corsConfigurationSource);
    }
}
